- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Source-IP command under "config user tacacs" not working,
Hello, currently I just did a setup of tacacs+ on FortiGate 100D v5,2,5 build 701. After all this config, I put the command "source-ip" because I wanted to use an internal address to make request for tacacs. But after doing a test under the GUI for connectivity, I realized that my "set source-ip" command is not considered, because the petitions for tacacs go from the egress interface as if the "source-ip" command is not take into consideration, and it fails. What is wrong with the config? Did I miss something? Actually when I run the command "get system source-ip status" it states that tacacs is using 192.168.145.1 as I configured, but in the sniffer capture it shows the egress interface making the requests, which is not correct. Any ideas? please.
Regards,
- Labels:
-
5.2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Any ideas please?
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I've learned there is a bug if you try to source from a Loopback address, same behavior, is that what you are doing? If so try a Physical interface (not sure I can even use a VLAN interface!)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is not a bug, this is a limitation in the test command that you can't "set the source ip". if you run the diag test command from the cli you have the exact same problem btw.
Kem
PCNSE
NSE
StrongSwan
